Security and inference in multilevel database and knowledge-base systems
SIGMOD '87 Proceedings of the 1987 ACM SIGMOD international conference on Management of data
Control of confidentiality in databases
Computers and Security
Toward a tool to detect and eliminate inference problems in the design of multilevel databases
Results of the Sixth Working Conference of IFIP Working Group 11.3 on Database Security on Database security, VI : status and prospects: status and prospects
Results of the Sixth Working Conference of IFIP Working Group 11.3 on Database Security on Database security, VI : status and prospects: status and prospects
AERIE: an inference modeling and detection approach for databases
Results of the Sixth Working Conference of IFIP Working Group 11.3 on Database Security on Database security, VI : status and prospects: status and prospects
Inference through secondary path analysis
Results of the Sixth Working Conference of IFIP Working Group 11.3 on Database Security on Database security, VI : status and prospects: status and prospects
CIKM '93 Proceedings of the second international conference on Information and knowledge management
Formal query languages for secure relational databases
ACM Transactions on Database Systems (TODS)
Controlling Aggregation in Distributed Object Systems: A Graph-Based Approach
IEEE Transactions on Parallel and Distributed Systems
Controlling FD and MVD Inferences in Multilevel Relational Database Systems
IEEE Transactions on Knowledge and Data Engineering
A MAC Policy Framework for Multilevel Relational Databases
IEEE Transactions on Knowledge and Data Engineering
Inference in MLS Database Systems
IEEE Transactions on Knowledge and Data Engineering
Wizard: A Database Inference Analysis and Detection System
IEEE Transactions on Knowledge and Data Engineering
A Semantic Framework of the Multilevel Secure Relational Model
IEEE Transactions on Knowledge and Data Engineering
Secure Databases: Constraints, Inference Channels, and Monitoring Disclosures
IEEE Transactions on Knowledge and Data Engineering
Inference-Security Analysis Using Resolution Theorem-Proving
Proceedings of the Fifth International Conference on Data Engineering
Implementation Considerations for Inference Detection: Intended vs. Actual Classification
Proceedings of the IFIP WG11.3 Working Conference on Database Security VII
An Integrated Framework for Database Privacy Protection
Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security: Data and Application Security, Development and Directions
Information Flow Controls vs Interference Controls: An Integrated Approach
ESORICS '94 Proceedings of the Third European Symposium on Research in Computer Security
Enhancing the Controlled Disclosure of Sensitive Information
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
Rules for Designing Multilevel Object-Oriented Databases
ESORICS '98 Proceedings of the 5th European Symposium on Research in Computer Security
Constraints, Inference Channels and Secure Databases
CP '02 Proceedings of the 6th International Conference on Principles and Practice of Constraint Programming
Cover Stories for Database Security
Results of the IFIP WG 11.3 Workshop on Database Security V: Status and Prospects
Data mining, national security, privacy and civil liberties
ACM SIGKDD Explorations Newsletter
k-anonymity: a model for protecting privacy
International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
Data Level Inference Detection in Database Systems
CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
Catalyzing database inference with fuzzy relations
ISUMA '95 Proceedings of the 3rd International Symposium on Uncertainty Modelling and Analysis
An Agent-Based Approach to Inference Prevention in Distributed Database Systems
ICTAI '02 Proceedings of the 14th IEEE International Conference on Tools with Artificial Intelligence
The inference problem and updates in relational databases
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
DMKD '03 Proceedings of the 8th ACM SIGMOD workshop on Research issues in data mining and knowledge discovery
A Logical Analysis of Authorized and Prohibited Information Flows
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
Detection and Elimination of Inference Channels in Multilevel Relational Database Systems
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
Inference Channel-Free Integrity Constraints in Multilevel Relational Databases
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
Catalytic Inference Analysis: Detecting Inference Threats due to Knowledge Discovery
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
A data-level database inference detection system
A data-level database inference detection system
Secure databases: constraints and inference channels
Secure databases: constraints and inference channels
A formal analysis of information disclosure in data exchange
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
A Dynamic Method for Handling the Inference Problem in Multilevel Secure Databases
ITCC '05 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'05) - Volume I - Volume 01
Cardinality-based inference control in data cubes
Journal of Computer Security
Protecting sensitive patient data via query modification
Proceedings of the 2005 ACM symposium on Applied computing
Ontology guided XML security engine
Journal of Intelligent Information Systems - Special issue: Database and applications security
Dynamic disclosure monitor (D2Mon): an improved query processing solution
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
Unauthorized inferences in semistructured databases
Information Sciences: an International Journal
Hi-index | 0.00 |
Access controls are not sufficient to prevent the release of secret information from an information system unless they address the problem of inference. An inference strategy is a method by which a user can infer secret information using the information which they are allowed to access through the access control mechanism. The aim of this paper is to collate and categorise the set of inference strategies in the existing literature. The systematic literature review (SLR) methodology is used to identify and categorise known inference strategies. The SLR search found 63 sources, and 127 inference strategies were extracted from these sources, which have been categorised into 11 different categories. Recording the inference strategy processes has abstracted the detail which ties inference strategies to an information system. Using this abstraction, it should be feasible to determine the level of inference protection offered by information systems in general.